General
Target: JaffaCakes118_45ea555aa1e9e24d679269d4980c11a0
Size: 206KB
Sample: 250101-d914tstlev
MD5: 45ea555aa1e9e24d679269d4980c11a0
SHA1: c18bee8e1ae2be8d314c38f2370342ace190ebf5
SHA256: d455513348fc570dc3d631a9d31e1f7b287b5dfa3f7ba25c35b05981b6ad8ae7
SHA512: 0806c9ef6d3691c14ddafd0b6e029f36e748650f9d3c1b2de38bb75689793db3cbf6a979ed3dd6b4bc14c2a90f76de2c4883d16b15d63fa0b4cc3df7f5bcd40a
SSDEEP: 3072:f7Qto/YpexZU7qwa+varX1nVUMX5XO/1Ivq37/OYn8i8e07RwTt/aFu:f79//KOp9VU6p4kzx57GTti0
Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_45ea555aa1e9e24d679269d4980c11a0.exe
  Resource: win7-20240903-en
Malware Config
Extracted
sality
Targets
-
-
Target
JaffaCakes118_45ea555aa1e9e24d679269d4980c11a0
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Create or Modify System Process: 1
    Windows Service: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 4
    Disable or Modify System Firewall: 1
    Disable or Modify Tools: 3
  Modify Registry: 5